package com.toy.core.security.access;

import com.toy.core.security.Authentication;
import com.toy.core.security.chain.FilterInvocation;
import com.toy.core.security.exception.AuthenticationException;

public interface AccessDecisionManager {
	 //~ Methods ========================================================================================================

    /**
     * Resolves an access control decision for the passed parameters.
     *
     * @param authentication the caller invoking the method
     * @param object the secured object being called
     * @param config the configuration attributes associated with the secured object being invoked
     *
     * @throws AccessDeniedException if access is denied as the authentication does not hold a required authority or
     *         ACL privilege
     * @throws InsufficientAuthenticationException if access is denied as the authentication does not provide a
     *         sufficient level of trust
     */
    void decide(Authentication authentication, FilterInvocation filterInvocation) 
    		throws AccessDeniedException,AuthenticationException;
}
